Certified Ethical Hacker (CEH) Certification Practice Exam Questions And Correct Answers (Verified Answers) Plus Rationales 2026 Q&A | Instant Download Pdf
- Which of the following is the primary purpose of ethical hacking?
- To exploit vulnerabilities for personal gain
- To identify and fix security vulnerabilities
- To protect systems by finding weaknesses before attackers do
- To gain unauthorized access to systems
Rationale: Ethical hacking aims to identify vulnerabilities in systems
and networks so they can be corrected before malicious hackers exploit them.
- What is the first phase of the ethical hacking process?
- Reconnaissance
- Gaining Access
- Scanning
- Maintaining Access
Rationale: Reconnaissance involves gathering preliminary data or
intelligence about the target before proceeding with deeper attacks.
- Which type of scan is used to identify open ports and services running
on a target system?
- Social engineering
- Network scanning
- Footprinting
- Privilege escalation
Rationale: Network scanning helps identify live hosts, open ports,
and available services.
- What tool is commonly used for network scanning?
- John the Ripper
- Nmap
- Aircrack-ng
- Hydra
Rationale: Nmap (Network Mapper) is a widely used tool for
discovering hosts and services on a network.
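The two items above (network scanning and Nmap) describe a TCP port scan in words. The following is an added example, not part of the original question set and not Nmap's own code: a minimal TCP connect() scanner in Python that does what the rationale says, namely asks each port on a host whether it accepts a connection. It scans 127.0.0.1 against a throwaway listener it starts itself, so it runs offline; the host, port list and helper names are this example's own assumptions.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def start_listener(host="127.0.0.1"):
    """Start a throwaway TCP listener on an OS-chosen port so the scan has a
    known-open port to discover (constructed for this example only).
    Returns (server_socket, bound_port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    bound_port = srv.getsockname()[1]

    def serve():
        # Accept and immediately close; the scanner only needs the handshake.
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                break
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv, bound_port


def reserve_closed_port(host="127.0.0.1"):
    """Bind to an OS-chosen port and release it, giving a port number that is
    (almost certainly) closed when probed a moment later."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind((host, 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def probe(host, port, timeout=0.5):
    """TCP connect() probe (Nmap's -sT equivalent): completes the full
    three-way handshake, so it needs no raw sockets or root privileges.
    A closed port answers with RST (connect_ex != 0); a filtered port
    usually answers nothing and the timeout fires, also reported as closed."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def scan(host, ports, workers=32):
    """Probe every port in `ports` concurrently; return the sorted open ones."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: (p, probe(host, p)), ports))
    return sorted(p for p, is_open in results if is_open)


if __name__ == "__main__":
    srv, open_port = start_listener()
    closed_port = reserve_closed_port()
    print("open ports:", scan("127.0.0.1", [closed_port, open_port]))
    srv.close()
```

A connect() scan is noisy (every open port sees a completed connection in its logs); Nmap's default SYN scan sends only the first packet of the handshake and needs raw-socket privileges, but the information recovered (open, closed, filtered) is the same.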
- Which protocol operates at the transport layer of the OSI model?
- IP
- TCP
- ARP
- ICMP
Rationale: TCP is a transport layer (layer 4) protocol that provides reliable,
ordered delivery between systems. IP and ICMP belong to the network layer,
and ARP resolves IP addresses to link-layer addresses below that.
- What is the main purpose of a firewall?
- To encrypt data
- To control incoming and outgoing network traffic
- To detect viruses
- To scan for vulnerabilities
Rationale: Firewalls enforce access control policies between
networks by filtering packets based on defined rules.
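The rationale above says a firewall filters packets against defined rules. The following is an added example, not part of the original question set and not any firewall product's code: a small rule evaluator in Python that applies a constructed perimeter policy (internet to a DMZ) with first-match semantics and a default-deny policy. The addresses, rule set and field names are this example's own assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp", "udp" or "icmp"
    src: str        # source IP address
    dst: str        # destination IP address
    dport: int = 0  # destination port (0 for protocols without ports)


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"      # CIDR; 0.0.0.0/0 matches every source
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return ((self.proto == "any" or self.proto == pkt.proto)
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == pkt.dport))


def filter_packet(rules, pkt: Packet, default: str = "deny") -> str:
    """Evaluate rules top to bottom; the first match decides. Anything no rule
    mentions falls through to the default policy, which should be deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed policy for a DMZ in 203.0.113.0/24 (documentation range):
#   - anyone may reach HTTPS
#   - only the admin network 198.51.100.0/24 may reach SSH
#   - every other SSH attempt is explicitly denied (and logged, in a real device)
#   - ICMP is permitted for diagnostics
RULES = [
    Rule("allow", proto="tcp", dst="203.0.113.0/24", dport=443),
    Rule("allow", proto="tcp", src="198.51.100.0/24", dst="203.0.113.0/24", dport=22),
    Rule("deny", proto="tcp", dst="203.0.113.0/24", dport=22),
    Rule("allow", proto="icmp", dst="203.0.113.0/24"),
]

if __name__ == "__main__":
    for pkt in [Packet("tcp", "192.0.2.10", "203.0.113.5", 443),
                Packet("tcp", "192.0.2.10", "203.0.113.5", 22),
                Packet("udp", "192.0.2.10", "203.0.113.5", 53)]:
        print(pkt, "->", filter_packet(RULES, pkt))
```

Rule order matters: if the broad SSH deny were listed before the admin-network allow, administrators would be locked out too, which is the most common mistake in hand-written rule sets. Note also that the filter sees only packet headers; it does not encrypt, detect malware or assess vulnerabilities, which is why the other three options in the question are wrong.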
- What does the acronym SQL stand for?
- Simple Query Language
- Structured Query Language
- Secure Query Layer
- Scripted Query Logic
Rationale: SQL stands for Structured Query Language, used for
managing and querying databases.
- What type of attack involves inserting malicious SQL statements into
an entry field?
- XSS attack
- SQL injection
- DNS spoofing
- ARP poisoning
Rationale: SQL injection occurs when user input is concatenated into a query
string, so the attacker's text is interpreted as SQL syntax rather than as data,
letting them read or alter the database. Parameterised queries prevent it.
- Which port does HTTPS typically use?
- 20
- 21
- 443
- 80
Rationale: HTTPS is HTTP carried over TLS (historically SSL) and is assigned
TCP port 443; port 80 is plaintext HTTP, and 20/21 are FTP data and control.
- Which of the following best describes a zero-day vulnerability?
- A vulnerability patched immediately after discovery
- A vulnerability not yet known to the vendor
- A vulnerability caused by user error
- A vulnerability found in old software
Rationale: A zero-day vulnerability is one the vendor does not yet know about,
so no patch exists and defenders have had "zero days" to respond; systems stay
exposed until the flaw is disclosed and fixed.
- Which hashing algorithm produces a 128-bit hash value?
- SHA-256
- MD5
- AES
- DES
Rationale: MD5 produces a 128-bit (16-byte) digest. SHA-256 produces a 256-bit
digest, and AES and DES are block ciphers, not hash functions. MD5 is
considered broken because practical collision attacks exist, so it must not be
used for signatures or for integrity checks against an adversary.